The Tor Project develops and maintains the Tor, a software that allows users to browse the web anonymously and securely. Tor was originally developed for the purpose of protecting government communications. Today, it is used by a wide variety of people for different purposes. An estimated 500,000 people use Tor on a daily basis; some use Tor to keep websites from tracking them and their family members, some use Tor to research sensitive topics, and some use Tor to connect to news sites and instant messaging services when these are blocked by their local Internet providers.

Karen Reilly (puffin_net) is the Development Director at The Tor Project, responsible for fundraising, advocacy, general marketing, and policy outreach programs for Tor.

Runa A. Sandvik (runasand) is a developer and researcher working on a range of different projects, from blocking analysis and quality assurance, to outreach and support.

Karen and I will be answering all your questions throughout the day, so feel free to ask us anything you'd like relating to Tor and the Tor Project.

We run the only exit node in Iceland at the moment. Everyone working at a university or running a hackerspace should consider running an exit node or at least a relay. For those that care about real freedom of speech this is the most direct way you can help. Thanks again to the Tor Devs for helping change the world for the better.

Why isn't the Tor Cloud image configured to use <15 gig/month in order to stay totally within the Amazon free usage tier? Wouldn't that allow someone to host a bridge for a year completely free of charge?

I donated my university's bandwidth when the EFF was pushing for exit nodes. I ran an exit node on my work computer. Seeing as how I worked in the IT dept of the journalism college it seemed fitting that we could donate to people who need to pass on sensitive information.

I didn't limit the bandwidth on the gigabit NIC so my node ran for about 24 hours before my boss's boss's boss sent an upset e-mail about having been contacted by the Uni IT guys for my computer having used more bandwidth than the rest of campus in the past 20 days.

You would have to explain what Tor is, how it works, what running a relay means, what the implications are, and justify why you should be allowed to set up one on campus. I'd be happy to help any way I can.

And just so everyone knows, we regularly give talks at universities about Tor and there is a good chance you can get a Tor developer to come do on at yours, for nearly any reason -- not just to persuade your IT department, but also to talk to undergrads and researchers who are interested in or already working on anonymity and related topics. (Scheduling may be tricky, but a lot of us have done talks like these at universities in many different countries.)

After browsing /r/tor on Reddit I get the impression that the availability of child pornography through tor is something to be ignored, or avoided, and there is little scope for any action to stop it.

At one point I believe that the 'hidden wiki' decided to leave the link to the child pornography section on their homepage in the interest of free speech and not starting a precedent of censorship.

As the project becomes more popular, how do you, as developers of tor feel about this?

While in my opinion tor must exist to allow people to remain free on the web, especially in situations where it may be blocked for them, do you believe that it marks a trade off between allowing some people freedom of the internet, and allowing others a safe haven for the distribution and creation of child porn?

Karen from Tor here.
How do we feel about it? We are angry. We talk to people who work with NGOs and government agencies to combat child abuse, human trafficking, stalking, and domestic violence. If you work for Tor, you learn more than you ever wanted to know about the horrible things that happen to vulnerable people. We also get to do work on behalf of vulnerable people. Think about what happens to people in prison after they are arrested for protesting against the government. Some of that happens because of Internet surveillance. Survivors connect to each other anonymously online, because they cannot do so in person.
I am angry at the people who abuse children. I am angry at people in institutions who look the other way in order to preserve reputations and money at the cost of the well-being of vulnerable people. I am angry at government officials and politicians who divert resources away from social services and the investigators who are working on the ground to prevent child abuse in the first place. I am angry at politicians who do not bother to learn how the Internet works; to better know how much of the problem is technology and how much is lack of counselors, training for police, work against corruption, and other non-technical means. Instead, they act as if placing restrictions on the entire population is a magic bullet against child abuse images.
Even if the entire Internet went away, child abuse images would still be traded. Some things can not be stopped. One can only ensure that these bad things do not give people in power excuses to take out the good.

Kill the source of child porn, not the medium. Even if TOR were to stop all child porn on all the onion websites, child photography would just find another medium to reach their audience. If you want to stop child pornagraphy you need to start putting pressure on countries that allow that shit to fly, like in Bombay(Mumbai), India and various cities in Thailand.

There was a recent talk at the PDF2012 conference about groups that are trying to stop human sex trafficking by shutting down websites. The woman giving the talk used the analogy of stopping Golden Gate bridge suicides by burning down the bridge. So then you go to the next bridge, and on and on until you have no bridges left.

I ran an end node for a month or so. I sniffed and logged the traffic for a while, just out of curiosity. I don't know if it was sheer bad luck or what, but after a week a significant chunk of the traffic was to cp websites and forums and various less known *chan imageboards

Shut it down after that. Hopefully I would've been fine in court, but who knows, I didn't want to risk anything.

If I were a law enforcement agency targeting the Tor network, I'd do just this. I'd run an exit node and capture, then analyze, ALL traffic going through it, and try to identify the users.

Of course, as a user, you can take steps to hide your identity even from this kind of situation, but everyone should be aware that the traffic exiting and reentering the Tor network is at the very least, capturable (for lack of better word)

That's the difference between privacy and anonymity. Tor let's you browse the web while being anonymous, privacy has nothing to do with Tor.

If you are sending your name with Tor over an unencrypted channel (HTTP), sure technically someone could
sniff the exit relay and get this piece of information.

I'd run an exit node and capture, then analyze, ALL traffic going through it, and try to identify the users.

Like I said, unless someone willingly sends information about himself over Tor, you could identify the user, but that's all you could do. You would never be able to know from where the initial packet was sent, all you know is that it came from this last relay that forwarded you the packet.

It can be really damned difficult to keep private information from leaking - particularly if someone can completely MitM your connection (like would be happening if they are running the exit node). Panopticlick is a project by the EFF to determine just how anonymous your browser is. If it is unique or nearly so, and they later manage to find that same browser signature doing non-anonymous things, there is good reason to believe they may be the same person. In addition, since they are the man in the middle, there's plenty of different browser and javascript bugs that it's theoretically possible to inject a virus into any non SSL encrypted page, and force your PC to phone home exactly who and where you are.

There was a recent ruling on a torrent case in some US jurisdiction (Florida?) where the judge said essentially that: IP addresses aren't people and aren't sufficient evidence to identify an individual or even a household.

Hello Tor Devs, I have (loosely) been a part of another anonymity project called i2p that actually complements tor quite well in my opinion. what would happen if tor project suddenly got 15k new bridges overnight, I am playing with the idea of having i2p implement enough of tor's functionality to have each i2p node act as a bridge relay at the least.

How safe is it exactly to run an exit node? I am from Europe and have a ton of unused bandwidth, but I can't even be bothered to open my mail - let alone deal with any legal stuff that might be brought on by me running one.

It really depends on what you are worried about and what you count as safe. Either way, I think it's important to first understand what running a Tor exit relay really means, and you will want to consider hosting it somewhere other than in your own home. The Tips for Running an Exit Node with Minimal Harassment post is a good source for information, and you can find a list of Tor-friendly hosting providers on our wiki.

First of all, I highly appreciate what you guys are doing. Even though I rarely use TOR myself, I believe that maintaining uncensored Internet access is one of the most important factors to improving the global human condition.

That being said, stories such as this one scare me. For me, this reduces the question of whether or not to run an exit node into "Am I willing to potentially face prosecution just because some asshole decided to browse kiddie porn at my expense?"

I'm sure this is one of the main concerns that holds people back from running an exit node. The suggestions that you list make a lot of sense, but they are mostly reactive. Are there proactive means to fight this? I guess any form of technical counter-measure can be interpreted as a form of censorship..

I'm afraid I don't really have a good answer to that. We don't want exit relay operators to censor users, but we don't want to see operators run into trouble either. We try to communicate with law enforcement and relay operators when something happens, and we can write letters confirming that IP address x.x.x.x was in fact a Tor exit relay at time y. All of this is just something you have to consider if you're looking to set up a Tor exit relay.

I think it's likely they are doing this at some scale. The OP said there are only 3000 exit nodes. I'm almost certain some government has put up at least 40 exit nodes to sample the type of data coming through the network. They may not be able to trace the information to the source, but finding emails saying 'let's organize a protest in Tianamen square on July 1, 2012' could be useful to a government.

Our volunteer page contains information about our projects and how you can help us. I would also recommend you check out our projects page to see if there is anything that interests you. You can also get in touch with the developers at The Guardian Project. They do lots of awesome work on Android.

Thanks! Tails is actually an official Tor project, and we are working with the developers to ensure that all traffic is safely routed through Tor and no trace is left on the system. I, personally, think Tails is a great distro and have used it a few times while traveling.

Can you access dropbox? I'll pop the latest version of tails on there and pass you the link if you like. Tails is a live-boot (from cd) version of Debian that runs Tor out of the box. Basically, with it you'll be able to access everything (without needed to know how to set it up cause tor can be tricky sometimes) and learn about Tor/Tails (and upgrade as needed).

Just to add to this, Here is the pgp signature for the latest tails ISO, from the tails site. Anyone that knows how, please verify this signature is accurate and reply to this post confirming the signature is correct. Internet peer review is the only way I can think to confirm that a tails distro you download from someone randomly on the internet is likely to be safe.

Well, since he said that he wasn't able to get to the tails distro site or other tor-related sites, I posted the signature here so there's something to verify it against. The point of doing this in a public forum is so that someone can call me out if I post an incorrect signature (say, if I'm an agent interested in distributing compromised versions of TAILS.) I obviously can't make any claims that TAILS is 100% safe, i'm just copy-pasting the PGP signature that is available on the public site (that apolotary can't access)

You are correct. Tor was originally designed, implemented, and deployed as a third-generation onion routing project of the U.S. Naval Research Laboratory. It was originally developed with the U.S. Navy in mind, for the primary purpose of protecting government communications. To help convince you that Tor is not an intelligence honeypot:

Tor is more useful if lots of people use it, otherwise you stand out as the only person making an encrypted connection to a known Tor relay. I don't know if this is the reason why Tor is now open source, though.

I was fire for my work for recomend the use of Tor (and change my mail to Riseup, using DuckDuckGo and being a member of the Argentinian Pirate Party). Im in this moment in the middle of a legal dispute about that. My friends allways said to me that talk to the guys in Tor and in the EFF about this. But I dont really know if you can do something from the US to help me here in Argentina. Do you have contacts with lawyers or someone in Argentina that can help me in my case??

Now it's a known fact that Tor browsing speeds are quite low. Can we expect higher speeds in the future? Also, is the Tor Project entirely dependent on donations? And do you experience a shortage/surplus of funds?

The short answer for why Tor is slow is that there are 500,000 people using Tor daily and only 3000 relays in the network. You are sending your traffic through three relays somewhere in the world, and each relay have different amounts of bandwidth donated to Tor users. We need more people who can run relays and help the network grow even bigger.

To answer the second part of your question; yes, we depend on grants, donations, volunteers who help us with development, testing, documentation etc. All companies (non-profit or not) go through stages where there's a shortage of funds, and the Tor Project is no different. That said, I am really excited that we recently won the Knight News Challenge on Networks.

I really like using TOR, but I sometime feel bad doing so. I like my anonymity on the web, but don't really need it. Given the bandwidth squeeze, I feel like that could be better used by someone else. Do you guys discourage people from using TOR for general web surfing? What's the general feeling on this?

TOR has been a game changer for those of us who used to fumble around with questionable proxies and such; it has certainly made anonymity easier,more reliable, and just keeps getting better. Thank you for your work.

There still seems to be a healthy amount of paranoia about running an exit node; are there any real legal risks associated with running one, and is there anything you would tell someone who was considering it?

If you're an exit node, you're basically the unencrypted part of Tor. Your ISP can potentially track any traffic which comes out of there, including any of the various illegal things that people might use Tor for. You're basically at risk of any of the things that you might be at risk from if you didn't use Tor (and the things that other people want to use Tor to hide).

Whether or not your ISP will do anything about that is another question, but there is a good chance that other people's potentially illegal browsing will be recorded against your name. Whether or not this will -actually- cause any legal trouble, I don't know. Different ISPs/hosts have different policies, and I believe it's easily noticeable that traffic has come from Tor, so that may get you out of potential legal trouble for the traffic itself (or may get you banned by your ISP). IANAL, though.

Also, since Tor exit nodes are all public, some services (eg IRC servers) might automatically ban any IPs that are listed as exit nodes. It can also use a large amount of bandwidth, at some points it was close to maxing out my 100Mb/s server.

It's generally not a good idea to run an exit node on a home computer, or something where your outgoing traffic is important, and it's mostly more suitable for servers.

Is it truly annonymous? Aka is there a way to track which websites were visited?

We cannot guarantee that you will always be anonymous, but we do our best to make sure that this is the case. You should be using the latest Tor Browser Bundle with its default settings, and you should follow the recommendations in the warning section on our download page.

Given that the scipts are turned off (thanks for the useful button) and you don't download anything - how big of a risk is it to get infected by a virus/trojan/malware?

Assuming you define virus/trojan/malware as something that runs on your computer; You won't be infected unless you download an unknown piece of software that you choose to run on your computer.

Why is there no major google-type search engine on .onion? The community seems to be tech savvy and decent in size, think that they could make something usefull.

Hi everyone! I'd like to thank you for the encouragement and all the kind words, and for asking us lots of good questions. I wanted to try and summarize some of the most popular questions/answers and collect all this useful info in one place. If you have more questions after this IAmA, please email us at help@rt.torproject.org and we will reply as soon as we can.

What Tor is:
Tor is a network of virtual tunnels that allows you to improve your privacy and security on the Internet. Tor works by sending your traffic through three random servers (also known as relays) in the Tor network, before the traffic is sent out onto the public Internet. Tor will anonymize the origin of your traffic, and it will encrypt everything between you and the Tor network. Tor will also encrypt your traffic inside the Tor network, but it cannot encrypt your traffic between the Tor network and its final destination. Please read the short user manual for more information about what Tor is and how you use it. Another good source is the information on our overview page

The Tor Browser Bundle and who can see what:
Tor Browser Bundle is a software package that contains everything you safely need to browse the Internet. This bundle is pre-configured and does not require installation. You download the bundle, extract the archive, and start Tor. You need to make sure that you do all your Tor-relevant browsing in the Tor browser window, and not in your normal Firefox or any other browser. I also recommend that you read the warning section on our website regarding file downloads and such. Another good source is the Tor Browser Bundle design document. When using the Tor Browser Bundle, your ISP will only see that you are connecting to Tor, not what you are doing or which websites you are visiting.

How to get involved and help out:
There are many ways you can contribute to the Tor Project, not all of them require you to write code. A good start is to look at our projects page and our volunteer page for a project that interests you. I also recommend signing up to our mailing lists, especially tor-talk and tor-dev. You can also join us in #tor and #tor-dev on irc.oftc.net. You can also help review code, test software (become a volunteer QA tester for the Tor Browser Bundle, for example), write documentation, help with support, run bridges and relays and encourage others to do the same, or donate.

Running a Tor relay does not mean you have to run an exit relay:
When you set up a Tor relay, you can choose whether you want this to be a bridge, a non-exit relay, or an exit relay. A bridge or non-exit relay will only send traffic on to other relays in the Tor network, while an exit relay will send traffic on to the public Internet. There are some risks involved with running a Tor exit relay, and I strongly recommend that you read Tips for Running an Exit Node with Minimal Harassment first. Running a bridge or a relay is just as helpful as running an exit relay. Documentation for how to set up a bridge or relay can be found here and here. Setting up a bridge in the Amazon cloud using Tor Cloud is cheap and easy (and, in some cases, free for the first year). You can even run a bridge or relay on your Raspberry Pi! Another option is to donate to organizations who spend the money on Tor relays, such as Noisetor and torservers.net (both non-profits, so you get a tax writeoff. Same when donating directly to the Tor Project).

Bad people can do bad things on the Internet:
I know a lot of you asked how we feel about bad people using Tor to do bad things, and I don't think we answered all of you. I really recommend reading Karen's comment on that topic.

We all move if it becomes necessary. It would be unfortunate since plenty of people who work for the government believe in civil liberties online and off. Members of the military pledge to defend the Constitution of the United States, and many of them realize what that means in terms of physical security now versus enabling dictatorships in the future.
I don't want to give up hope for my country, but we have invitations from other countries and will accept.

Please reply to this, as it is a concern of my own as well. I considered running a exit for you guys before but this thought occurred to me. If the govt. did decide to attack the Tor network would I be implicated as a cyber-criminal as well?

Hi guys, big thanks for this great service you have provided. Just out of interest do you guys use your own service as standard when on the internet?

Also how do you feel about the fact that a large number of Onion domains are used for transactions and sharing of illegal goods and services? Does this corrupt the original purpose of Tor or was it something you expected to go hand in hand with the project?

Just out of interest do you guys use your own service as standard when on the internet?

I do, yes, and I know other Tor developers who do it as well. It's actually quite easy to get used to the difference in speed when switching over to the Tor Browser completely.

Also how do you feel about the fact that a large number of Onion domains are used for transactions and sharing of illegal goods and services? Does this corrupt the original purpose of Tor or was it something you expected to go hand in hand with the project?

I think it's interesting to see people claim that a major part of hidden services is illegal content, without having any proof that this is really the case. We hear about all the bad things because that's what media likes to write about, but that doesn't mean there aren't a ton of good hidden services out there as well.

I can't really comment on the original purpose or if this was something that was expected. What I can say is that we are working hard to
explain what Tor is and is not, and I think Karen's response in r/TOR regarding law enforcement and hidden services is a good one.

You say you use it for all your browsing. I thought this was unsafe? I read explicitly NOT to use it when doing things like checking my personal email and logging into my Twitter account. Am I wrong? Or how do you go about using it for everything safely?

I don't think running an exit node from a home machine would be a good idea. I had one running on my one at some point, but I had to turn it off because it got my IP banned from pretty much every IRC server.

Can your anonymity using Tor be compromised if you disconnect and then reconnect from a wifi network whilst loading a page through the Tor network?

What are you worried about? That the URL of the site you are browsing is going to leak because it's loading before you have reconnected to the Tor network? Or that someone watching both you and the site you are connecting to can identify your user from all the other users?

How anonymous are exit node operators? I know some people run exit nodes on their home networks, and this seems very risky considering some of the stuff people use Tor for.

What are you worried about? That the URL of the site you are browsing is going to leak because it's loading before you have reconnected to the Tor network? Or that someone watching both you and the site you are connecting to can identify your user from all the other users?

The first one, I suppose. Would you start loading the site before the Tor network, or would you reconnect to Tor without the URL of the site leaking?

As a security nerd and practitioner, thanks to you guys for providing this service. You've helped to overthrow oppressive governments that actively stalked their citizens on the net, how good is that? Two thumbs up.

My experience with tor is that you have to be pretty high brow tech savvy to get the full experience, anyway this is likely to change in the future? Allowing it to become customizable , safe yet noob friendly?

You get the full experience if you use the latest Tor Browser Bundle and leave the settings as they are. Users are more likely to do something wrong and deanonymize themselves if they are allowed to customize things too much.

First of all thank you very much for developing tor. I have only recently discovered it and am very happy with it.

Now for the question. Have you ever been contacted by law enforcement regarding the use of tor for illicit activities? Have they tried taking legal action to take it down.

What is the future of tor? Will we see a return to having easier access to a standalone vidalia or is it more integration into the tor browser bundle?

edit: there still is a standalone vidalia but you need to get an addon into Firefox to make it work and change proxy settings in Google chrome to make it work. Personally I could not get chrome to work but Firefox is fine.

Have you ever been contacted by law enforcement regarding the use of tor for illicit activities? Have they tried taking legal action to take it down.

Legal action against who in this case? A single relay operator or the Tor Project as a company? We often meet with or talk to law enforcement to explain what Tor is and is not, and what we can and cannot do to help them.

What is the future of tor? Will we see a return to having easier access to a standalone vidalia or is it more integration into the tor browser bundle?

We are going to discontinue the standalone Vidalia eventually and focus on the Tor Browser Bundle. We are also focusing more on trainings, support, a forum etc.

there still is a standalone vidalia but you need to get an addon into Firefox to make it work and change proxy settings in Google chrome to make it work. Personally I could not get chrome to work but Firefox is fine.

I'm fairly new to all this, so sorry if this is a stupid question, but why? Is it basically "because Google"? Something to do with the data sync and it saving your visited sites on Google's cloud server?

It is technically possible to use Tor with other browsers, but by doing so you open yourself up to potential attacks. We do our best to make sure that Tor is safe to use with the Tor Browser (Firefox with some extra patches), but we simply don't know how Tor behaves with other browsers.

Here's the gist. I won't start with Tor, but instead I will start with a few simpler systems that build up to Tor. Also this might be more of an "explain like I'm 10;" the "like I'm five" version would probably involve some kind of metaphor, and I'm not thinking of a good one right now.

Let's say that you want privacy on the Internet.

You could use an encrypted website. With an encrypted website, nobody can tell what you are saying except the website you are talking to.

But there's a problem: even with encrypted communications, anybody who is watching can tell who you are, and what website you are talking to. The website learns who is talking to it. That's because on regular internet communications, both sides know the IP address of the other side, and it is not too hard to learn who an IP address belongs to.

So one thing you might do is to use a proxy: you connect to a proxy server and tell it "Connect to the website for me!" Then when you want to tell the website something, you tell the proxy, and the proxy tells the website. When the website wants to respond, it responds to the proxy, and the proxy responds to you. This way, the website only sees the proxy's IP, not yours.

There are two more problems, though. The first problem is that anybody who is watching you can see that you're telling the proxy "Please connect to website XYZ", and from that they can learn that you want to connect to XYZ. You can solve this pretty easily by adding a layer of encryption between your host and the proxy.

The next problem is harder to solve, though: the proxy sees your IP address, and sees the address of the website you want to connect to. If the proxy is hostile, or if somebody breaks into it, they will learn that you are talking to the website.

The solution there is to use a chain of multiple proxies, so that you connect to the first proxy, and use that proxy to talk to another, and use that proxy to talk to another, and use that proxy to talk to the website. To keep proxies from cheating, you wrap your communications up in many layers of encryption, so that each proxy can only remove one layer before forwarding the communication to the next step in the chain. The first proxy in the chain sees you and the next proxy, but does not know any other steps. The last proxy sees the website and the previous step. But nobody sees both you and the website.

You can't set up one of these on your own, though. If I build a little proxy chain, and I am the only one who uses it, then it will be obvious to anybody that connections coming from my proxy chain are coming from me, since I'm the one who set it up. Therefore, I need to make a big network of proxies like this that a lot of people can all use at once, so we can all get some privacy.

That's the basic idea of Tor. There are some other things Tor has to do as well, though, and I think it might be cool to explain those too.

One thing we need to do is make sure that everybody knows about the same potential proxies they can use. (If only a few people know about a certain proxy, then an attacker can use that fact to deduce that any connections coming from that proxy must originate with that small set of people.) So Tor makes sure that there is a list of all the proxies that is more or less the same for everybody.

Another tricky issue is that some Tor users want to use Tor even when they are in a place where the network is controlled by a government that does not want them to have any privacy. In that case, the government will probably block anything that they can identify as Tor. We try to get around that by looking as much as we can like regular encrypted web browser traffic, and by having some proxies (called "bridges") which are not on the official list, so that the censors cannot use that list to block them.

There are all other kinds of reasons why lots of that stuff is not as simple as I made it sound, but I think that's the basic idea. If you want to know more, our designs and specifications are all online, and we love to answer questions.

As someone from Syria, I want to express my heartfelt gratitude to you and your team for your amazing work on Tor. Tor is one of the few anti-censorship tools which work in Syria, I know activists who use Tor on a daily basis to circumvent censorship and avoid government monitoring. A big thank you to you all!

I run a bridge and have noticed that the majority of users are coming from the United States. Is there any way i can limit use of my bridge to users who actually need it. i.e. people in Syria, Iran, etc.?

There is no way to keep your bridge accessible only to users in country x, y, and z. The best you can do is set up a private bridge and give out the address to trusted people in those countries, and hope they don't spread it too far. Upvote for username.

I route trackers through TOR due to some poorly implemented network filtering. I do not, however, route p2p through TOR, because I like my speeds to be countable in megabytes, not kilobits.

Could actually make it a point to blacklist exit nodes in torrent clients, but that's not the spirit of things. Alas, we're left with waiting until one infrastructure (free unblocker services, be it TOR or VPNs) can handle it or the other (the censored "free" internet) stops legislating the fuck out of it.

We don't make Tor for criminals. Criminals always have secure communication tools, because they steal them. Botnets and stolen cellphones are very secure.

What consenting adults do in the privacy of their own homes is not the business of anyone else.

I would urge everyone who buys things from tennis shoes to drugs to consider the human rights implications of their purchase. Was it made in a sweatshop? Were people killed in order to protect the producer's market? Is that plant grown in a region where farmers sell their daughters to pay off debts resulting from a failed crop?

Accurate information about drugs kept me off of them as a kid. I got this information from the Internet. Knowing what you are putting in your body may not keep you from doing drugs, but it may keep you safer.

You can help with anything you want, such as development, testing, documentation, support, running a relay etc. Our volunteer page contains information about our projects and how you can help us. I would also recommend you check out our projects page to see if there is anything that interests you.

Even if you can't, it's good to get experience working on an external project. You may or may not commit anything, but learning to work with other people's code is something you're very likely to do in the future.

There was recently a story about a child pornography investigation (FBI) which was abandoned because the FBI had trouble tracking through TOR. A TOR spokesperson was quoted as saying that TOR helped FBI by providing them exploits the the TOR system to utilize, but this was later clarified with the following: "he TOR Project has clarified that it does not in fact instruct law-enforcement agents on how to exploit vulnerabilities in the service"

Can you clarify how TOR does help law enforcement in cases such as this?

Karen was badly misquoted in that article. We help law enforcement understand what Tor is and is not, and we point out that a Tor hidden service can be vulnerable to attack if the software it is running is vulnerable. I recommend you read Karen's long answer on r/TOR for details.

is the raspberry pi powerful enough to run a tor relay? I have one that I use as a SSH SOCKS proxy to browse anonymously at work (and get around the filter) but wouldn't mind if it also acted as a relay.